C:\WINDDK\2600\sys\i386\FLYNORTH.pdb
Static task
static1
1 signatures
General
-
Target
9bddfb2f90999f7365da6a2073c67178
-
Size
2KB
-
MD5
9bddfb2f90999f7365da6a2073c67178
-
SHA1
d4e5f3c310a32cd73cd59df96ca97b26eab1aecc
-
SHA256
8f73a219c12a34f7bf923e1d8328914489826f4cac7d9e1b156a27bba5953044
-
SHA512
9b214cffadb840917188772f848b1686738a758f3eda00b99a97597614723cb65fcb0a4f2c39eb0412c8f2710501134b6e39f3367f13ebf6ece7b3beab394fa7
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9bddfb2f90999f7365da6a2073c67178
Files
-
9bddfb2f90999f7365da6a2073c67178.sys windows:5 windows x86 arch:x86
1a2a2bf51665fff88596df8285834602
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IoCreateSymbolicLink
DbgPrint
sprintf
IoCreateDevice
RtlInitUnicodeString
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
Sections
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 338B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ